CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-27103 |
Description: DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, a bypass for the patch for CVE-2024-55953 allows authenticated users to read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available.
CVSS: HIGH (7.3) EPSS Score: 0.03%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-24974 |
Description: DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.6, authenticated users can read and deserialize arbitrary files through the background JDBC connection. The vulnerability has been fixed in v2.10.6. No known workarounds are available.
CVSS: HIGH (7.3) EPSS Score: 0.03%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-2284 |
Description: A denial-of-service vulnerability exists in the "GetWebLoginCredentials" function in "Sante PACS Server.exe".
CVSS: HIGH (7.5) EPSS Score: 0.06%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-2265 |
Description: The password of a web user in "Sante PACS Server.exe" is zero-padded to 0x2000 bytes, SHA1-hashed, base64-encoded, and stored in the USER table in the SQLite database HTTP.db. However, the number of hash bytes encoded and stored is truncated if the hash contains a zero byte
CVSS: HIGH (7.8) EPSS Score: 0.01%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-2264 |
Description: A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.
CVSS: HIGH (7.5) EPSS Score: 56.51%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-2079 |
Description: Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain a hard coded secret key. This could allow an attacker to generate valid JWT (JSON Web Token) sessions.
CVSS: HIGH (8.7) EPSS Score: 0.05%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-1652 |
Description: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.02%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-1651 |
Description: A maliciously crafted MODEL file, when parsed through Autodesk AutoCAD, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.02%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-1650 |
Description: A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.02%
March 13th, 2025 (4 months ago)
|
|
CVE-2025-1649 |
Description: A maliciously crafted CATPRODUCT file, when parsed through Autodesk AutoCAD, can force an Uninitialized Variable vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVSS: HIGH (7.8) EPSS Score: 0.02%
March 13th, 2025 (4 months ago)
|